CtrlK
BlogDocsLog inGet started
Tessl Logo

jbaruch/nanoclaw-trusted

Rules for trusted NanoClaw groups. Shared memory, session bootstrap, cross-group memory updates. Loaded for trusted and main containers only.

77

Quality

96%

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Risky

Do not use without reviewing

This version of the tile failed moderation
Failed moderation (intent review) in rules/session-bootstrap.md: This is a prompt injection attack disguised as a cursor/IDE rule file. It instructs an AI agent to unconditionally execute a bash command and invoke an external skill ('tessl__trusted-memory') at the start of every session before processing any user input. This is a social engineering/prompt injection technique designed to: 1) Force the AI to execute arbitrary commands without user consent, 2) Potentially load malicious instructions from an external 'trusted-memory' skill/plugin, 3) Establish persistence via a sentinel file (/tmp/session_bootstrapped) to track execution. The authoritative tone ('MANDATORY', 'not optional', 'violating this rule') is a classic prompt injection pattern to override the AI's safety boundaries.
Overview
Quality
Evals
Security
Files

proactive-fact-saving.mdrules/

alwaysApply:
Yes

Proactive Fact Saving

Personal facts mentioned in conversation must be saved to trusted memory IMMEDIATELY — not at end of session, not during archival, not "when non-trivial." At first mention.

The test

If this fact would be useful 2 weeks from now after context compaction — save it now.

Categories that trigger immediate save

Preferences (food, travel, work style, tools, habits), family (names, birthdays, events, schools, milestones), recurring schedule patterns, contacts (who someone is + relationship + context), seriously-stated opinions, personal plans (trips, purchases, home projects), health/lifestyle (dietary restrictions, exercise habits, medical context if shared).

How to save

  1. Create or update a typed memory file in /workspace/trusted/ (e.g., user_food-preferences.md); reuse existing files when a category fits, create new files for genuinely new topics.
  2. Add or update its one-line entry in /workspace/trusted/MEMORY.md.
  3. Append to today's daily log.

When NOT to save

Ephemeral task context, facts already in memory (check MEMORY.md first), jokes / sarcasm / hypotheticals, and anything derivable from code / git / project files.

Aggression level

The trusted-memory skill says "after any non-trivial interaction." This rule overrides that threshold for personal facts. A single sentence — "I hate hotel breakfast buffets" — is enough to trigger a save. Don't wait for a pattern. Don't wait for confirmation. Save on first mention.

Context compaction is the enemy. Every unsaved fact is a fact that dies.

rules

async-tasks-extended.md

compaction-aware-summaries.md

composio-vs-agents.md

container-trust-levels.md

context-bootstrap-bg-agents.md

daily-discoveries-rule.md

duplicate-prevention.md

github-data-via-gh.md

global-memory.md

ground-truth-trusted.md

identity-compaction-recovery.md

identity-dual-handle.md

installed-content-immutable.md

local-context-anchoring.md

memory-file-locations.md

messages-db-schema.md

no-orphan-tasks.md

no-silent-defer.md

pending-response-tracking.md

proactive-fact-saving.md

proactive-participation.md

reply-threading.md

session-bootstrap.md

skills-policy.md

verification-protocol.md

wiki-awareness.md

README.md

tile.json